Red Hat Bugzilla – Bug 844997
bind mounted targets can not be removed after unmounting them
Last modified: 2016-04-27 00:27:33 EDT
Description of problem:
The targets of the bind mounts from /config can not be removed
Version-Release number of selected component (if applicable):
F17 based builds
Steps to Reproduce:
1. Install Node 2.5.0-2
2. Login and configure network with dhcp
3. drop to shell
4. unpersist /etc/sysconfig/network-scripts/ifcfg-breth0
5. rm /etc/sysconfig/network-scripts/ifcfg-breth0
Actual results:
File can not be removed because of EBUSY
Expected results:
File can be removed (as /etc is a tmpfs, and not ro)
It seems that ntpd.service is now using systemd's PrivateTmp feature, thus a private namespace is created for ntpd.service. When the service is stopped the previously bind mounted targets can be removed.
I'm adding you because you were driving this effort in F17. Have you got an idea why this problem appears or do you need more information?
If you run
mount --make-rshared /
before mounting and starting ntpd, does the problem go away?
(In reply to comment #2)
> If you run
> mount --make-rshared /
> before mounting and starting ntpd, does the problem go away?
Yes, that solved it.
Could you explain the problem and the solution?
This says that all namespaces will share any mounts/unmounts that happen to the parent namespace on the / directory. I believe this should be the default. But as of right now it is not.
Is there an fstab option we can set to make that the default? I can't find any documentation on how to set that in any way other than with the --make-rshared mount option.
No, we have a bug report on this but it has been rejected. You either need an init script/unit file or we need to convince systemd to do this automatically.
I wonder why systemd is not mounting / appropriately if they offer the PrivateTmp feature. Or is our use case a corner case?
OK, we'll add this command to our early init script.
Hmm, so in the long run we really should have the namespace inheritance options a mount option like any other, so that people can list them in fstab.
However, I still believe that the default (which should apply when you have no fstab or no line for / in it) should be shared. Since the kernel default is private (and probably shouldn't be changed) I think I'll just make systemd remount / shared unconditionally. That means that everybody who wants private mounts needs to either a) wait for the kernel to be fixed to accept the namespace inheritance options like any other options, b) write a little service on their own that does mount --make-private / to undo what systemd did.
I agree the default should be shared and anyone needing private, should take care of that on their own.
systemd in git will now mount the root file system "shared". This will soon enter Rawhide.
patch for ovirt-node until this gets into fedora:
This bug has been fixed in the 2.6.0 release of ovirt-node, which is now available on both ovirt.org and in Fedora 18
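A way to check the propagation state discussed in this thread, added here as an example that is not part of the bug report or of ovirt-node: the kernel records each mount's propagation in the optional fields of /proc/self/mountinfo (`shared:N`, `master:N`, `unbindable`, or none for private). The helper names `sample_mountinfo` and `propagation_of` and the sample lines are assumptions constructed for illustration.

```shell
#!/bin/sh
# Constructed sample in /proc/self/mountinfo format (not from the bug report):
# "/" carries no optional field (private), /etc is shared, /etc/hosts is a slave.
sample_mountinfo() {
    cat <<'EOF'
20 1 253:0 / / rw,relatime - ext4 /dev/mapper/root rw
21 20 0:18 / /etc rw,relatime shared:5 - tmpfs tmpfs rw
22 21 253:0 /config/etc/hosts /etc/hosts rw,relatime master:5 - ext4 /dev/mapper/root rw
EOF
}

# propagation_of MOUNTPOINT
# Reads mountinfo lines on stdin and prints the propagation type of MOUNTPOINT.
# Fields: 1 id, 2 parent, 3 dev, 4 root, 5 mount point, 6 options,
# 7.. optional fields, terminated by a lone "-".
# If several mounts are stacked on MOUNTPOINT, the last (topmost) one wins.
# Returns 1 when MOUNTPOINT is not a mount point in the input.
propagation_of() {
    MP="$1" awk '
        $5 == ENVIRON["MP"] {
            shared = 0; slave = 0; unbindable = 0
            for (i = 7; i <= NF && $i != "-"; i++) {
                if ($i ~ /^shared:/)       shared = 1
                else if ($i ~ /^master:/)  slave = 1
                else if ($i == "unbindable") unbindable = 1
            }
            if (shared && slave) result = "shared,slave"
            else if (shared)     result = "shared"
            else if (slave)      result = "slave"
            else if (unbindable) result = "unbindable"
            else                 result = "private"
        }
        END { if (result == "") exit 1; print result }
    '
}

# Demo on the constructed sample: "/" is private, the state this bug describes.
sample_mountinfo | propagation_of /
```

On a live system, run `propagation_of / < /proc/self/mountinfo` before and after `mount --make-rshared /`; the result should change from `private` to `shared`.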